1. Field of the Invention
The present invention relates to security technology for electronic documents.
2. Description of the Related Art
Electronic transaction of documents is increasing in companies as LAN have been widely installed. There is a difficulty to execute a settlement or approval for those documents through electronic means.
It is Japan's custom to make settlement by affixing a seal on a hard copy document, while in Europe signature takes the position of the seal. It is very easy to accomplish an effect of the seal and signature on a computer, but it imposes a problem of an easy access to copy or tamper such electronic information which then becomes a security issue.
To cope with such a problem, encoding technology has been commonly used. Especially a public key encoding method has been developed recently (Japanese Patent Publication No. 6-20199, Japanese Patent Laid Open Nos. 2-134940, 3-67356, 3-195229, 4-91531, 4-11877, 4-160493, 5-260043, 6-95591, 6-103425, 6-103426, 6-150082, 6-161354, 6-162289, 6-224896, 6-315036, 7-135680, 7-162451).
The common key encoding method, used in the prior art, discloses one key, thereby enabling the sender and receiver of information to be identified respectively. The purpose of this method is to guarantee that a document is neither created by someone else, nor tampered with. The document encoded with a confidential key is made public, thereby accomplishing the purpose of a regular signature. This is called a digital signature, or electronic signature.
If a document is encoded, then the content cannot be read as plain sentences. Therefore, if the purpose is to prevent tampering, and no need to keep content itself confidential, then the encoded characters are added to the original document. We may call this a clear signature.
The disclosed key encoding method is known as a time consuming process which requires a high processing capability, and takes more time than prior encoding methods. In order to overcome such problems, instead of encoding the whole document directly, a method of extracting characteristic data from a document and encoding the data is being used. This extracted characteristic data is called an electronic fingerprint; in case the original information is different even by 1 bit, then an unpredictable totally different data will be output.
In this method, a one-way hush function is adopted, and in fact programs such as MD2, MD4, MD5 of RSA Data Security, Inc. U.S.A. are disclosed. A disclosed document about the program for extracting characteristic data by RSA Data Security, Inc. is "the MDS Message-Digest Algorithm" (Ronald Divest, REC 1321 MIT Laboratory for Computer Science, 1991.) This document is disclosed by RSA Data Security, Inc. through the Internet.
The program converts variable-length original data into 128 bits fixed-length characteristics data. MD2 and MD5 are used in PGP which is a disclosed key encoding communication software, and PEM which is a standard encoded electronic mail.
FIG. 11 is a diagram of an electronic signature (clear signature) in the prior art. FIG. 11(A) is a document which requires a signature. FIG. 11(B) is a document with plain sentences followed by an electronic signature (digital signature). This electronic signature is created by encoding the document through a use of the sender's confidential key. The receiver then decodes the signature with the disclosed key to plain sentences. If the two plain sentences are identical, then the electronic document is verified as authentic.
Among methods of getting characteristics data other than the disclosed key encoding method, there is a check sum method. This method takes every datum as a numeric value regardless of the datum being a character code or not, and adds up the numeric values, then the total sum becomes the characteristics data. This method enables you to get the characteristics data rather easily, but its security function is vulnerable.
Additional sentences as a clear signature becomes an enumeration of meaningless letters, which may be an eyesore. Also, the confidential key data which is used to create the clear signature is usually built into the device, so that the security for the confidential key becomes a serious issue.
For a hard copy document, a seal or signature as shown in FIG. 11(c) have been used widely. If a figure attached to the document has a shape like a seal or a signature, then it looks more natural, and makes it possible for a person to judge the authenticity to a certain degree.